This project contains contributions from a variety of people, including those not directly listed as project authors. This document will provide attributions to those individuals as well as acknowledge sourcing of various algorithms where applicable.
- Anthony Cagliano
- Lead developer, cybersecurity analyst, and cryptographer responsibile for researching, analyzing, and porting most of the cryptographic algorithms to the calculator. Generally, this involved verifying data types to be of a compatible bit-width and endianness, devising a suitable API for users, and documenting the API.
- Adam Beckingham
- Involved in the optimization (and in some cases, rewrite) of various ported algorithms from compiled C to pure assembly for performance and size.
- John Caesarz
- Assisted with answering my dumb questions about ridiculous formatting ideas and corrected some of my assembly mistakes.
- Responsible for the implementation of modular exponentiation utilized by this library, as well as the buffer comparison algorithm.
- Provided relevant information about bus noise for entropy sourcing on the calculator, performed analysis of unmapped memory seeking estimates on correlation and behavior. Additionally, optimized code to help guard against stack leak.
- Optimized _rmemcpy function, a function that operates similarly to the C standard library function memcpy, but that reverses endianness while copying.
- This library's SHA256 and AES implementation are sourced from this repository. AES remains mostly as is, but SHA256 was subsequently converted into pure assembly by Adam Beckingham following the specs of the algorithm from that repo. Device-specific protections, such as those explained in the Cryptanalysis were embedded in the output assembly afterwards.
- The code in this repository was my initial reference for the development of Elliptic Curve Diffie-Hellman. However, the underlying arithmetic of this implementation was written in pure assembly (or a hybrid of pure assembly and compiled C). At some point during development the code style and mathematics of this implementation deviated substantially from the cited one. Nonetheless, credit where it is due.
Yes, I am aware of the general rule of cryptography: Do not roll your own crypto! That's easy to say on most platforms where many different libraries exist to do it for you. I did not have that benefit on the TI-84+ CE. I had to make do with porting what algorithms I could and building the rest from the ground up. This was done with the benefit of expertise from those who know the intricacies of the device and many people in the TI development community contributed to making this library as secure as possible. Is it perfect? Probably not. But we did the best we can, and the library remains available for review by the community for increased performance and better security.